To subscribe to the full daily report, send an e-mail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the single line "subscribe" in the body.
To obtain a complete copy of the current report, proceed to the DHS link below.
To obtain reports more than 10 business days old, send an e-mail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Tuesday, April 8, 2008

Daily Report

• The Associated Press reports two men attempting to board a plane to Beijing with nearly a dozen sensitive infrared cameras in their luggage were arrested on Saturday at Los Angeles International Airport for investigation of trying to take the cameras with potential military use to China without the proper export licenses. (See item 10)

• According to the Wall Street Journal, start-up carrier Skybus Airlines shut down over the weekend, becoming the third U.S. airline in a week to cease operations in an industry being pummeled by high fuel prices and the weak economy. (See item 13)

Information Technology

26. April 7, Dark Reading – (National) New massive botnet twice the size of Storm. A new botnet twice the size of Storm has ballooned to an army of over 400,000 bots, including machines in the Fortune 500, according to botnet researchers at Damballa. The so-called Kraken botnet has been spotted in at least 50 Fortune 500 companies and is undetectable in over 80 percent of machines running antivirus software. Kraken appears to be evading detection by a combination of clever obfuscation techniques, including regularly updating its binary code and structuring the code in such a way that hinders any static analysis, said a principal researcher at Damballa. “It’s easy to trace but slow to get antivirus coverage. It seems to imply [the creators] have a good understanding of how AV tools operate and how to evade them,” he said. Kraken’s successful infiltration of major enterprises is a wakeup call that bots are not just a consumer problem. Damballa and other botnet experts have seen an unsettling rise in bot infections in enterprises recently. He said like Storm, Kraken so far is mostly being used for spamming the usual scams – high interest loans, gambling, male enhancement products, pharmacy advertisements, and counterfeit watches, for instance. “But given that it updates its binary, there’s no reason it couldn’t update itself to a binary that does other things.” Source: http://www.darkreading.com/document.asp?doc_id=150292

27. April 5, Associated Press – (National) US cyberwarfare prep includes offense. U.S. military officials seeking to boost the nation’s cyberwarfare capabilities are looking beyond defending the Internet toward developing ways to launch virtual attacks on enemies. But first the military will have to figure out the proper boundaries. “What do we consider to be an act of war in cyberspace?” asked the Lt. General heading the Air Force’s cyberoperations command. “The military is not going to tend to do that (use virtual strike capabilities) until you cross some line that constitutes an act of war.” He said initial uses likely would be limited to diverting or killing data packets that threaten the nation’s systems, the way the military may intercept a foreign ship carrying arms in international waters. The remarks came late Friday during a New York chapter meeting of the Association For Intelligence Officers, a nonprofit group for current and former intelligence agents and their supporters. In an interview afterward, the cyberoperations chief said that in the future, the military might rely upon network warfare to disrupt an enemy’s communications system, replacing the need for conventional weapons like bombs. In any such scenario, he said the military would be restricted by the same rules of engagement – such as requirements for a formal declaration of war – that apply to conventional attacks. As the military increasingly relies on networks and computer systems to communicate and coordinate conventional operations, the U.S. Air Force is planning to establish by October a Cyber Command for waging a future war that is fought not only by land, sea and air but also in cyberspace. Source: http://news.yahoo.com/s/ap/20080406/ap_on_hi_te/cyberwarfare;_ylt=ApAopNisLSTMnL6h3knYLwCs0NUE

28. April 05, IDG News Service – (National) Companies struggle as Safari pops up on networks. Network administrators are complaining that Apple Inc.’s recent decision to offer users its Safari Web browser as part of an iTunes and QuickTime update has made their lives harder, as they struggle to remove the software from PCs on their networks. For a network administrator at Soy Capital Bank and Trust Co. in Decatur, Ill., the trouble began a few weeks ago, when he noticed that Safari had popped up as a download option with his Apple Software Update, the program that is used to update iTunes and QuickTime. He soon found out that many of the users on his network had installed the software without realizing it. “I went into work the next day, and I scanned my network, and my inventory software said I have Safari on 30 PCs,” he said. Because of the way Apple had configured the update, anyone who clicked OK automatically installed the company’s Web browser. Most users thought that Safari was simply a component of the Apple software they had already installed, he said. “This is not good; this is a security risk,” he said, adding that it has taken him the better part of a week to remove Safari from his network and prevent it from being reinstalled. In an e-mail interview, the chief technology officer at Tamiyasu, Smith, Horn and Braun Accountancy Corp. noted that the updates are creating a problem for administrators and making users’ machines less secure. “It impacts all of us when more potential attack surface is installed in a group of folks that are vulnerable enough as it is,” she said. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9075138&intsrc=hm_list

Communications Sector

29. April 7, Macedonia Online – (International) EU clears mobiles on aircraft. Mobile phone calls will be allowed on planes flying in European airspace under new European Commission rules. The decision means that mobiles could be used once a plane has reached an altitude of 3,000 meters (9,842.5 feet) or more. It follows six months of consultation by the European regulator and the first services could launch next month. The European Union telecoms commissioner has warned operators to keep the cost of calls made on planes at a reasonable level. The European Commission has introduced new rules to harmonize the technical requirements for the safe in-flight use of mobile phones. The commission is also making it possible to enable the national licenses granted to individual airlines by a member state to be recognized throughout the EU. The decision to offer the services now falls to individual airlines. However, there are other regulatory hurdles to overcome before the technology is considered to be fully approved. The European Aviation Safety Agency still needs to approve any potential new hardware to ensure that it does not interfere with other flight systems. Source: http://macedoniaonline.eu/content/view/698/2/

30. April 6, IDG News Service – (National) Wireless auction unlikely to shift carrier balance. Both Verizon Wireless and AT&T won enough spectrum licenses in the U.S. government’s 700MHz auction concluded last month to roll out services a cut above what they offer today, though how fast they are for subscribers will be up to the carriers. Both service providers will use the frequencies, at least in part, for LTE (Long-Term Evolution), an emerging mobile broadband technology sponsored by the organization that backs GSM (Global System for Mobile Communications). AT&T said the licenses would provide the foundation for rolling out HSPA+, a technology further along in its development, as well as LTE. The carriers released some details of their plans last week after a quiet period imposed by the U.S. Federal Communications Commission (FCC) ended. Also, Qualcomm said it will use eight new licenses to expand its FLO TV mobile broadcasting service. The 700MHz spectrum, which TV stations are required to give up by mid-February 2009, when they drop analog broadcasts, can reach farther and penetrate walls better than current cellular frequencies. The auction brought in more than US$19 billion, with Verizon agreeing to pay more than $9 billion and AT&T about $6.6 billion. At the urging of Google and other parties, the FCC set requirements for use of some of the frequencies by any application or device. Google did not win any licenses, but it hopes, along with Microsoft and others, to take advantage of “white spaces” between channels. Source: http://www.pcworld.com/article/id,144175-c,fixedwirelessbroadband/article.html

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"